Main Menu
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
SonicWall
  • Products
    • Network Security
      • Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
      • Security ServicesComprehensive security for your network security solution
      • Network Security ManagerModern Security Management for today’s security landscape
    • Advanced Threat Protection
      • Capture ATPMulti-engine advanced threat detection
      • Capture Security applianceAdvanced Threat Protection for modern threat landscape
    • Access Security
      • Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
      • Secure Mobile AccessRemote, best-in-class, secure access
      • Wireless Access PointsEasy to manage, fast and secure Wi-FI
      • SwitchesHigh-speed network switching for business connectivity
    • Email Security
      • Email SecurityProtect against today’s advanced email threats
    • Cloud Security
      • Cloud App SecurityVisibility and security for Cloud Apps
      • Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
    • Endpoint Security
      • Capture ClientStop advanced threats and rollback the damage caused by malware
      • Content Filtering ClientControl access to unwanted and unsecure web content
    • Product Widgets
      • Product Menu Right Image
      • Capture Cloud Platform
        Capture Cloud Platform

        A security ecosystem to harness the power of the cloud

    • Button Widgets
      • Products A-Z
        all products A–Z FREE TRIALS
  • Solutions
    • Industries
      • Distributed Enterprises
      • Retail & Hospitality
      • K-12 Education
      • Higher Education
      • State & Local
      • Federal
      • Healthcare
      • Financial Services
      • Carriers
    • Use Cases
      • Secure SD-Branch
      • Network Segmentation
      • Zero Trust Security
      • Secure SD-WAN
      • Office 365 Security
      • SaaS Security
      • Secure WiFi
    • Solutions Widgets
      • Solutions Content Widgets
        Federal

        Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions

      • Solutions Image Widgets
  • Partners
    • SonicWall Partners
      • Partners Overview
      • Find a Partner
      • Authorized Distributors
      • Technology Partners
    • Partner Resources
      • Become a Partner
      • SonicWall University
      • Training & Certification
    • Partner Widgets
      • Custom HTML : Partners Content WIdgets
        Partner Portal

        Access to deal registration, MDF, sales and marketing tools, training and more

      • Partners Image Widgets
  • Support
    • Support
      • Support Portal
      • Knowledge Base
      • Technical Documentation
      • Community
      • Video Tutorials
      • Product Life Cycle Tables
      • Partner Enabled Services
      • Contact Support
    • Resources
      • Resource Center
      • Free Trials
      • Blog
      • SonicWall University
      • MySonicWall
    • Capture Labs
      • Capture Labs
      • Security Center
      • Security News
      • PSIRT
      • Application Catalog
    • Support Widget
      • Custom HTML : Support Content WIdgets
        Support Portal

        Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials

      • Support Image Widgets
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
  • Contact Sales
  • English English English en
  • BLOG
  • CONTACT SALES
  • FREE TRIALS
  • English English English en
SonicWall
  • Products
    • Network Security
      • Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
      • Security ServicesComprehensive security for your network security solution
      • Network Security ManagerModern Security Management for today’s security landscape
    • Advanced Threat Protection
      • Capture ATPMulti-engine advanced threat detection
      • Capture Security applianceAdvanced Threat Protection for modern threat landscape
    • Access Security
      • Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
      • Secure Mobile AccessRemote, best-in-class, secure access
      • Wireless Access PointsEasy to manage, fast and secure Wi-FI
      • SwitchesHigh-speed network switching for business connectivity
    • Email Security
      • Email SecurityProtect against today’s advanced email threats
    • Cloud Security
      • Cloud App SecurityVisibility and security for Cloud Apps
      • Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
    • Endpoint Security
      • Capture ClientStop advanced threats and rollback the damage caused by malware
      • Content Filtering ClientControl access to unwanted and unsecure web content
    • Product Widgets
      • Product Menu Right Image
      • Capture Cloud Platform
        Capture Cloud Platform

        A security ecosystem to harness the power of the cloud

    • Button Widgets
      • Products A-Z
        all products A–Z FREE TRIALS
  • Solutions
    • Industries
      • Distributed Enterprises
      • Retail & Hospitality
      • K-12 Education
      • Higher Education
      • State & Local
      • Federal
      • Healthcare
      • Financial Services
      • Carriers
    • Use Cases
      • Secure SD-Branch
      • Network Segmentation
      • Zero Trust Security
      • Secure SD-WAN
      • Office 365 Security
      • SaaS Security
      • Secure WiFi
    • Solutions Widgets
      • Solutions Content Widgets
        Federal

        Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions

      • Solutions Image Widgets
  • Partners
    • SonicWall Partners
      • Partners Overview
      • Find a Partner
      • Authorized Distributors
      • Technology Partners
    • Partner Resources
      • Become a Partner
      • SonicWall University
      • Training & Certification
    • Partner Widgets
      • Custom HTML : Partners Content WIdgets
        Partner Portal

        Access to deal registration, MDF, sales and marketing tools, training and more

      • Partners Image Widgets
  • Support
    • Support
      • Support Portal
      • Knowledge Base
      • Technical Documentation
      • Community
      • Video Tutorials
      • Product Life Cycle Tables
      • Partner Enabled Services
      • Contact Support
    • Resources
      • Resource Center
      • Free Trials
      • Blog
      • SonicWall University
      • MySonicWall
    • Capture Labs
      • Capture Labs
      • Security Center
      • Security News
      • PSIRT
      • Application Catalog
    • Support Widget
      • Custom HTML : Support Content WIdgets
        Support Portal

        Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials

      • Support Image Widgets
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
  • Contact Sales
  • Menu

How do I integrate Ianum with a SonicWall SMA?

03/26/2020 0 People found this article helpful 107,495 Views

    Download
    Print
    Share
    • LinkedIn
    • Twitter
    • Facebook
    • Email
    • Copy URL The link has been copied to clipboard

    Description

    Ianum is a cloud platform for passwordless authentication and user data management. The strength relies in the use of smartphones and blockchain-inspired encryption, so that only those who have the keys can authenticate and see their data. This guarantees a secure system where Ianum acts as a guarantee layer, but has but has no access to unencrypted users' data.

    Ianum Platform is made of a series of services, each one with its specific task. Microservices can be Personal Data Management when you need to ask for users’ personal data, Consensus Management, when during a login you would like to ask for consensus, as well as Passwordless Authentication, to let users login using their smartphone. Full list is available at www.ianum.com .

    All these microservices can be used both internally within companies (they are SAML compatible) or towards end users (e-commerce login, etc.), as well as for GDPR compliant data management and data consent.

    To connect Ianum services you need to create a Gate, that is a virtual connection between your services and Ianum Platform. Each gate has a unique identifier (unique URL) and it’s where users needs to go through to be identified.

    Gates can be of 3 types:

    • public: when you need to authenticate any users that try to access that gate. Example: e-commerce
    • private: when you want only a specific list of users to be able to access that gate. ex.: backend application
    • Identity Provider: same as private, but compatible with SAML 2.0 protocol, so to be used in any SAML 2.0 compatible business tool

    In this article we will focus on the integration between SMA 12.3 Tunnel Access and a Ianum Identity Provider using the SAML 2.0 protocol.

    Resolution

    To complete the connection you need first to configure the connection with Ianum , configuring it as an Identity Provider. Next step, you need to configure connection with SonicWall, so that users allowed by Identity Provider are accepted by SonicWall system.

    1. Ianum setup

      Navigate to the Ianum Developer area (https://id.ianum.com/ianum). If you need this for a personal account, go ahead. If you need for a company, create a company profile clicking on the top-right menu and selecting “Add new profile”.

      1. Create the Gate
        1. Create a gate by selecting the type “Identity Provider”
          Image

        2. Configure IdP
          In the Identity Provider tab you can find the parameters needed to configure the IdP on SonicWall side.
          Image
        3. Start creating groups for your users (from Group section) and Attributes you want to set for your users (from Attributes section).
          Image

          Image

        4. Add users to your IdP
          Go back in the Passwordless Auth service to add your users. To add a user you need to specify the email of that user so that he can receive the invitation into the Identity Provider. Then you can set his attributes and the groups he’s part of.
          Image


        5. Create SonicWall App
          You are now ready to create the Application to connect SonicWall. Go in the Identity Provider section and add a new App.
          Image


      2. You can put the information of the SonicWall Service Provider, as well as decide which groups are allowed to enter and mapping the attributes of the users for that Service Provider. Here you can also download the Certificate for your app.
        Mappers are needed cause if you have created an attribute of type ID, and the Service Provider has the same parameter called identificator you need to create a mapper to say that Identity Provider has to return the value ID but calling it identificator just for this App.
        Image

        Remember to tell your users to control their emails and accept the invitation. To do that, they have to download Ianum App from Play Store or App Store, and do the first login by clicking the link in the email received.

    2. SonicWall Setup
      1. Define the SAML workplace Portal
        Login to the SMA device and click Workplace
        Image

        Image

      2. Add Ianum CA
        Ianum CA was saved before from Ianum Developer Area.
        Image

        Make sure it can be used to check signed SAML requests:
        Image

      3. Setup an IDP Authentication server
        Image

        Most of the fields come from Ianum Developer Area SSO page.
        The fields in Red come from Ianum Developer Area SSO page while the ones in green are related toyour specific setup.

        Image
        Name : logical name for the authentication server, any name meaningful to you
        Appliance ID : this is the FQDN used by Ianum to talk back to the SMA and transmit the SAML assertion, it must exist as a Workplace portal which is also selected below in green. MAKE SURE to use HTTPS and a / at the end of the URl

        Image

      4. Setup Tunnel Access
        Image

        Make sure an IP pool is assigned:
        Image

        An access rule must allow access to “Connect Tunnel” resource.
        Image


      5. Test the configuration
        Now it’s time to test the configuration. You can go to your service provider and click on Ianum-SAML login.
        Image

        You’ll be redirected to Ianum Identity Provider and you’ll see a page with a QR Code.
        Image

        Now you need to download the Ianum App from the App Store or the Google Play Store. Then you need to activate it inserting your phone number and insert the verification code received through an SMS. You’re ready to Scan the QR Code!
        After you scanned it, the first time you’ll be asked to enter a code (the code received through email) and it’s a code to match your Ianum Identity with the user allowed to access the Identity Provider.
        If the user has clicked the link in the invitation email sent when the user has been added to Identity Provider, the code won’t be asked.

        Image

        After you entered the code, you’ll complete the login procedure and you’ll be redirected to your Service Provider page. You’re successfully logged in.

    Related Articles

    • How to manually apply licenses to SMA 1000 series appliance?
    • SMA100: How to generate Certificate Signing Request and import a signed certificate?
    • SMA1000: The current SMS gateway settings, Korean characters are only partially transmitted, but English works.

    Categories

    • Secure Mobile Access > SMA 1000 Series

    Not Finding Your Answers?

    ASK THE COMMUNITY

    Was This Article Helpful?

    YESNO

    Article Helpful Form

    Article Not Helpful Form

    Company
    • Careers
    • News
    • Leadership
    • Awards
    • Press Kit
    • Contact Us
    Popular resources
    • Communities
    • Blog
    • SonicWall Capture Labs

    Stay In Touch

    • By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. You can unsubscribe at any time from the Preference Center.
    • This field is for validation purposes and should be left unchanged.
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
    • Instagram

    © 2022 SonicWall. All Rights Reserved.

    • Legal
    • Privacy
    • English
      Scroll to top
      Trace:7678f9712de07d0004ce49174c5868a9-79